Abstract
To improve the performance of suspicious traffic detection algorithms in software defined networks (SDN), this paper proposes a k-nearest-neighbor SDN suspicious traffic detection method based on information-aggregation inference over an undirected-graph creation process. The OpenFlow module is used to create data flows, and intrusion rules are constructed. Then, based on a Markov chain representation of graph nodes and edges, attack features are represented as an undirected graph. This allows newly added attacks to be represented incrementally, which reduces the computational complexity of constructing the undirected graph. The k-nearest-neighbor algorithm is then used to classify the malicious attack traffic features in the undirected graph, achieving effective detection of attacks. Finally, the performance of the proposed algorithm is verified on an SDN test platform built for this purpose.
Source
Microelectronics & Computer
CSCD
Peking University Core Journal
2017, No. 12, pp. 5-10, 15 (7 pages in total)
Funding
Tsinghua University Young Teachers Funding (20160525)
Keywords
software defined network
undirected graph
information aggregation
inference system
k nearest neighbor
suspicious traffic detection